On May 24 2007 10:31, Paul Harlow wrote:
>Hi all,
>
>Fedora 5 patched, i386 SMP
>
>I am looking for info on how to dynamically load a particular kernel
>module when I restart IPTables. I have firewalling rules in place for FTP
>traffic (both passive and active) however when I restart IPTables I
>notice that the module ip_conntrack_ftp does not load, I have to load it
>manually.
That is because your ruleset only depends [as in: symbols] on
iptable_filter, ip_conntrack and such, but not ip_conntrack_ftp.
>This presents a problem if someone other than myself has to
>reload firewall rules on this machine but isn't aware of the FTP
>rules/needs.
>
>Will adding the line "ip_conntrack_ftp" to the modules.conf file solve
>this problem and leave the particular module in permanently?
Adding it to /etc/sysconfig/kernel variable MODULES_LOADED_ON_BOOT
(opensuse; YMMV) will do that, yes. (modprobe.conf? I do not think
that is the right place.) Until someone manually rmmods it (,yes).
Jan
--
|